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(1) REAL PARTY IN INTEREST 

The real party in interest (RPI) is Smart Media Limited, as evidenced by an 
Assignment recorded at reel 012677 and frame 01 30. 

(2) RELATED APPEALS AND INTERFERENCES 

There are no other pending appeals or interferences of which the 
undersigned representative and assignee/RPI is aware that will directly affect, be directly 
affected by or have a bearing on the Board's decision in this appeal. 

(3) STATUS OF CLAIMS 

Claims 1, 102-119, 125-161, 175-178, and 180-186 stand finally rejected 
and are pending in this appeal. Claims 2-101, 120-124, 162-174 and 179 are canceled. 
Claims 1, 102-119, 125-161, 175-178, and 180-186 are reproduced, along with indications 
of canceled claims, in an Appendix accompanying this Brief as the claims stood 
subsequent to an Advisory Action dated January 31, 2006. 

(4) STATUS OF AMENDMENTS 

' Claims 1, 102-119, 125-161, 175-178, and 180-186 were finally rejected in 
an Office Action dated October 12, 2005. Claim 135 was amended in an after-final 
Response dated January 5, 2006. In an Advisory Action dated January 31, 2006, the 
Examiner stated that the amendment was entered for appeal purposes, but that all pending 
claims were still rejected. 

(5) SUMMARY OF CLAIMED SUBJECT MATTER 

The independent claims are claims 1, 125, 135, 140, 175, and 180. 
Independent claim 1 is related to a data processing system (Figure 3) including a first 
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processing resource in the form of a web server (10) coupleable to an open 
communications network (2). The data processing system (Figure 3) further includes a 
second processing resource in the form of a back end server (48) coupleable to said first 
processing resource. See, e.g., page 15, line 15 to page 16, line 2. The first processing 
resource and said second processing resource are configured to establish a 
communications relationship between them through a non-network connected 
communications channel (50). See, e.g., Figures 3 and 11; page 5, lines 12-15; page 16, 
lines 2-9; and page 30, lines 1 1-27. The second processing resource is restricted to 
implementing an instruction communicated from said first processing resource which only 
performs a predetermined allowable operation, thereby inhibiting compromise of said 
second processing resource. See, e.g., Figures 9, 10A, and 10B; page 4, line 26 to page 5, 
line 10; and page 22, line 29 to page 27, line 8. 

Independent claim 125 is directed to a data processing apparatus including 
a first processing resource in the form of a web server (10) coupleable to an open 
communications network (2) and to a non-network connected communications channel 
(50). See Figure 3; page 15, line 15 to page 16, line 2; page 5, lines 12-15; and page 16, 
lines 2-9. The first processing resource is configured to transmit an instruction to a second 
processing resource in the form of a back end server (48) disposed in a non-open network 
coupled data processing apparatus responsive to receiving a communication via said 
communications channel (50) and for said instruction satisfying a predetermined criterion. 
See, e.g., Figures 9, 10A, and 10B; page 4, line 26 to page 5, line 10; and page 22, line 29 
to page 27, line 8. 

Independent claim 135 is directed to a data processing apparatus, including 
a second processing resource in the form of a back end server (48) that is configured to 
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respond to an instruction received through a non-network connected communications 
channel (50; see page 5, lines 12-15; page 16, lines 2-9; and page 30, lines 1 1-27) from 
another processing resource in the form of a web server (10) disposed in another data 
processing apparatus to execute only instructions satisfying a predetermined criterion. 
See, e.g., Figures 9, 10A, and 10B; page 4, line 26 to page 5, line 10; and page 22, line 29 
to page 27, line 8. 

Independent claim 140 is directed to a method for operating a processing 
system (Figure 3) including a first processing resource in the form of a web server (10) 
coupleable to an open communications network (2) and a second processing resource in 
the form of a back end server (48). The method includes establishing a communications 
relationship between said first and second processing resource through a non-network 
connected communications channel (50). See Figure 3; page 5, lines 12-15; page 16, lines 
2-9; and page 30, lines 1 1-27. The second processing resource is therefore restricted to 
implementing an instruction communicated from said first processing resource which only 
performs a predetermined allowable operation, thereby inhibiting compromise of said 
second processing resource. See, e.g., Figures 9, 10A, and 10B; page 4, line 26 to page 5, 
line 10; and page 22, line 29 to page 27, line 8. 

Independent claim 175 is directed to a carrier medium (see page 13, lines 7- 
19; page 33, lines 20-23; and page 34, lines 14-29) comprising computer machine readable 
instructions, translatable for configuring a data processing apparatus or system (Figure 3) 
to include or establish a communications relationship through a non-network connected 
communication channel (50) between a first processing resource in the form of a web 
server (10) coupleable to an open communications network (2), and a second processing 
resource in the form of a back end server 48. See Figure 3; page 5, lines 12-15; page 16, 
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lines 2-9; and page 30, lines 1 1-27. The second processing resource is therefore restricted 
to implementing an instruction communicated from said first processing resource which 
only performs a predetermined allowable operation, thereby inhibiting compromise of said 
second processing resource. See, e.g., Figures 9, 10A, and 10B; page 4, line 26 to page 5, 
line 10; and page 22, line 29 to page 27, line 8. 

Independent claim 180 is directed to a carrier medium (see page 13, lines 7- 
19; page 33, lines 20-23; and page 34, lines 14-29) comprising computer or machine 
readable instructions for configuring a data processing apparatus or system (Figure 3) 
comprising a first processing resource in the form of a web server (10) coupleable to an 
open communications network (2) and a second processing resource in the form of a back 
end server (48) to establish a communications relationship between said first and second 
processing resources through a non-network connected communication channel (50). See 
Figure 3; page 5, lines 12-15; page 16, lines 2-9; and page 30, lines 1 1-27. The 
instructions are further for configuring a data processing apparatus or system (Figure 3) to 
transmit an instruction from said first processing resource to said processing resource for 
said instruction satisfying a predetermined criterion. The second processing resource is 
therefore restricted to implementing an instruction, communicated from said first 
processing resource which only performs a predetermined allowable operation, thereby 
inhibiting compromise of said second processing resource. See, e.g., Figures 9, 10A, and 
10B; page 4, line 26 to page 5, line 10; and page 22, line 29 to page 27, line 8. 

(6) GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

A, The first grounds for rejection (Issue A) presented for review by the Board 

is whether claims 1, 102-105, 108, 109, 111, 125, 127, 132-135, 137-144, 148, 149, 151, 
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158, 175-177, 180, 181, 183, and 186 are anticipated under 35 U.S.C. §102(e) by Raanan 
et al., U.S. Patent No. 6,3 1 1 ,276 (hereinafter, Raanan). 

B. The second issue (Issue B) presented for review by the Board is whether 
claims 106, 136, and 145 are obvious under 35 U.S.C. §103(a) Raanan in view of Piccioni, 
U.S. Patent No. 6,842,774 (hereinafter, Piccioni). 

C. The third issue (Issue C) presented for review by the Board is whether 
claims 107, 146, and 147 are obvious under 35 U.S.C. § 103(a) over Raanan in view of 
Tanaka et al., U.S. Patent No. 5,539,909 (hereinafter, Tanaka). 

D. The fourth issue (Issue D) presented for review by the Board is whether 
claims 110, 112-119, 126, 128-131, 150, 152-157, and 159 are obvious under 35 U.S.C. 
§ 103(a) over Raanan in view of Willmann, U.S. Patent No. 5,521,923 (hereinafter, 
Willmann). 

E. The fifth issue (Issue E) presented for review by the Board is whether 
claims 160, 161, 184, and 185 are obvious under 35 U.S.C. § 103(a) over Raanan in view 
of Willmann and in further view of RFC791, "Internet Protocol, DARPA Internet Program 
Protocol Specification" (hereinafter, RFC791). 

F. The sixth issue (Issue F) presented for review by the Board is whether 
claims 178 and 182 are obvious under 35 U.S.C. § 103(a) over Raanan in view of OSTA, 
"The Benefits of Writable Optical Storage" (hereinafter, OSTA). 



6 



Appl. No. 09/930,612 

Appeal Brief dated April 7, 2006 

Corresponding -to Notice of -Appeal filed February 10, 2006 
(7) ARGUMENT 

Issue A : : ' 

Claims 1, 102-105, 108, 109, 111, 125, 127, 132-135, 137-144, 148, 149, 
151, 158, 175-177, 180, 181, 183, and 186 stand rejected under 35 U.S.C. § 102(e) by 
Raanan. 

Claims 1, 102-105, 111. 125, 127, 133-135, 138-144. 151, 175-177. 180, 
and 181 

With regard to the rejections of independent claim 1, independent claim 1 
recites in part "said first processing resource and said second processing resource being 
configured to establish a communications relationship between them through a non- 
network connected communications channeV (emphasis added). Respecting a non- 
network connected communications channel. Applicant states the following: 

In a preferred embodiment of the invention, a dedicated 
communications channel 50 is disposed between web server 10 and 
backend server 48 for communicating messages between the web server 10 
and backend server 48. Preferably, communications channel 50 is a non- 
network connected communications channel. In the present example, the 
dedicated communications channel 50 is a serial line, but may be a parallel 
connection. The communications channel 50 may comprise a twisted pair, 
optical fibre or wireless link, for example, and other suitable 
communications channels may be provided. 

Page 16, lines 2-9 (emphasis added). Applicant further states the following: 

The web server 10 services requests for pages from client 1 1 
and sends them over the network 2 back to the client. Occasionally, the 
web server 10 receives a request for a special function or web page, herein 
termed a "special page", such as an order page for ordering a product. 
Ordering a product requires details of the customer, including their name, 
delivery and billing address and, depending on the method of payment, 
their credit card/debit card details or bank account details, for example. 
Such information comprises sensitive data, which should not be able to 
be accessed by unscrupulous or unauthorised persons. 
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In accordance with an embodiment of the present 
invention, the handling, manipulation and processing of such sensitive data 
is primarily carried out on the backend server 48. In an illustrative 
embodiment of the invention, an order page is stored on either database 46 
or 52 and is sent to client computer system 1 1 in response to an order 
request, for completion and subsequent submission to the web server 10. 
On receiving a completed order request page, web server 10 informs the 
backend server 48 that a customer wishes to place an order and web server 
10 then sends the order details to the backend server 48. The order details 
may be extracted from the order page and forwarded to the web server 10, 
or the order page itself may be transmitted to backend server 48. The order 
request details are received by backend server 48 and processed. The 
processing may be in real-time, for example credit/debit card verification 

provided by a simple OK I OK result sent back to web server 10, or may be 
off-line, such as arranging for delivery of the requested product, checking 
availability in the warehouse and arranging for debit of the credit/debit card 
account. Once the details have been passed to the backend server 48, they 
can be deleted from the web server 10. Since the backend server 48 is not 
network coupled, sensitive data comprising the details are prevented from 
being accessed from the Internet The details may be deleted from the 
web server 10 immediately they have been passed to backend server 48, or 
backend server 48 has acknowledged receipt of the details, or they may be 
deleted on a periodic basis, such as once a day or once every suitable time 
period, e.g. every hour. 

Page 18, lines 4-32 (emphasis added). Thus, an aspect of the invention, in order to 
increase security of sensitive data, is to use a backend server and web server that establish 
a communications relationship between them through a non-network connected 
communications channel. 

Regarding Raanan at column 5, lines 10-29 (as cited by the Examiner), this 
section of Raanan does not refer to a non-networked connected communications channel. 
In fact, Raanan is silent as to nature of the connection at that passage. However, in the 
paragraphs below lines 29, explaining how the system operates, all examples in Raanan 
are about network connections and protocols (e.g., TCP/IP and HTTP). See, e.g., Raanan 
at column 5, lines 29-38, which specifically describes TCP/IP and HTTP. Thus, Ranaan 
in fact explicitly discloses only a network connection based system. 
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In contrast, claim 1 of the present application relates to a situation 
involving the first processing resources making a direct request to the second processing 
resource without going via a network connection. Instead, a communications relationship 
is made via a non-network connected communications channel. 

Whilst Raanari appears to disclose first and second resources (though not 
the first and second processing resources of claim 1), Ranaan is dealing with protecting the 
second resource from network based attacks via a networked connection. A key part of 
Raanan is the reference to a protocol database (which holds details about the about the 
protocol used by the network connection). See, e.g., FIGS. 1 and 2 and column 6, lines 7- 
14 of Raanan. What Raanan as a whole is describing is a filter device inserted in the 
network connection between client and server. Raanan discusses the problems associated 
with analyzing network protocols. See FIG. 2 of Raanan, described in column 3, lines 56- 
58 of Raanan, which defines networked connections. 

In contrast, the present invention as embodied in independent claim 1 
describes web server and a back end server having a communications relationship between 
them through a non-network connected communications channel. 

Accordingly, the Examiner's rejection to claim 1 is refuted. 

In the Advisory Action, dated January 3 1 , 2006, the Examiner asserted the 

following: 

[The request for reconsideration has been considered but] 
does NOT place the application in condition for allowance because: In 
Raanan, as shown in column 3, lines 62-63, the second processing resource 
(server) is never directly connected to the open network, but all messages 
must pass through the first processing resource (gateway/filter) in order to 
be sent to or from the second processing resource. Figures 2 and 2a show 
that the only connections to the server are through the gateway (this one 
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gateway holds the components of the filter module, protocol DB, and 
protocol extraction module when viewed in light of column 3, lines 62-63). 
Any request sent from the client destined for the server must pass through 
the gateway in order to determine if any actions within the request are not 
allowable, only passing the complete request when those actions are 
deemed allowable. When the server is transmitting data to the client, the 
gateway intercepts the data in order to dynamically update the allowable 
actions. Applicant argues that the connection between the gateway and 
server of Raanan is not a non-network connected communications channel. 
The server of Raanan is isolated from the open communications network, 
as described above, meaning that no data held on the server is accessible to 
computer systems on the open communications network, this data only 
being accessible by the gateway. 

Applicant respectfully disagrees. There is no evidence in Raanan that the server 10 and 
the filter module 14/protocol extraction module 18 of Raanan have a communications 
relationship between them through a non-network connected communications channel as 
recited in independent claim 1 . 

Raanan specifically states the following: 

Referring to FIG. 2, a computer network such as the 
Internet, an intranet or any other private network, connects clients 12 and 
servers 10, of which only one of each is shown. Associated with the server 
10 is a security gateway system consisting of a filter module 14, a protocol 
database 16, and a protocol extraction module 18. These modules and 
database may be stored on the server 10, on a computer separate from and 
connectable to the server 10, or on a number of separate but connectable 
computers. 

Raanan at col. 3, lines 56-64 (emphasis added). Therefore, Raanan itself states that the 
server 10 is part of a computer network that also includes client 12. Even if the filter 
module 14, protocol database 16, and protocol extraction module 18 are separate from the 
server 10, there is no indication that the server 10 and the client 12 of Raanan have a 
communications relationship between them through a non-network connected 
communications channel as recited in independent claim 1 . 
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It appears, for instance, that the server 10 in Raanan is allowed unfettered 
transmissions to any client 12. While the protocol extraction module 18 appears to extract 
data from server messages, there is no indication in Raanan that messages are curtailed in 
any way. See Raanan from col. 4, lines 46 to col. 5, line 10 and steps 30-36 of FIG. 3. 
When the client 12 in Raanan transmits a request directed to the server 10, the filter 
module 14 intercepts the request and "[i]f the request is allowable, the filter module 14 
passes the request along to the server". On the other hand, "[i]f the request does not match 
any of the actions in the application protocol in the protocol database 1 6 and is thus 
considered disallowable, the request is denied access to the server". Raanan at col. 5, lines 
22-27. 

However, that some requests from a client 12 to a server 10 are denied 
access to the server 10 does not mean that the server 10 and the filter module 14/protocol 
extraction module 1 8 of Raanan have a communications relationship between them 
through a non-network connected communications channel as recited in independent 
claim 1 . For instance, the client 12 in Raanan directs requests to the server (see Raanan at 
col. 5, line 11, step 38 of FIG. 3). See also claims 10 and 26, which state "receiving a 
request from a client addressed to the server" (emphasis added). Thus, the client 12 
appears to use addressing to direct requests to the server. Moreover, claim 1 of Raanan 
states "receiving a message transmitted by the server addressed to one or more clients". 
It is apparent that the server also uses addressing of clients in messages to the clients. In 
order for the client 12 to direct a request addressed to the server 10 and for the server 10 to 
direct a request addressed to the client 12, the server 10 and client 12 must have some type 
of addresses on a network. The server 10 and the client 12 in Raanan therefore are part of 
a network and communicate using the network. 
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Further, Raanan notes that "[t]he filter module 14 intercepts messages such 
as requests from the client 12" (col. 3, lines 65-66 of Raanan) (emphasis added). If 
messages from the client 12, which are addressed to the server 10, are intercepted, then the 
filter module 14 must be able to access the network having the messages. Furthermore, in 
Raanan, the "server 10 transmits a message directed to the client" (col. 4, line 51) and "the 
protocol extraction module 1 8 intercepts server messages" (col. 4, lines 46-47). If 
messages from the server 10, which are addressed to the client 12, are intercepted, then the 
protocol extraction module 1 8 must be able to access the network having the messages. 
Raanan does not appear to disclose how messages are "intercepted" by the filter module 
14 or protocol extraction module 18. Nonetheless, Raanan makes it clear that the server 
10, client 12, filter module 14, and protocol extraction module 18 are coupled to a network 
and there is no disclosure in Raanan of any non-network connection between the server 1 0 
and filter module 14/protocol extraction module 18. 

For at least these reasons, Applicant respectfully submits that Raanan does 
not disclose at least "said first processing resource and said second processing resource 
being configured to establish a communications relationship between them through a 
non-network connected communications channeF as recited in independent claim 1 . 

The other independent claims (claims 125, 135, 140, 175, and 180) all 
recite similar features to claim 2 and therefore are allowable for at least the same reasons. 
For instance, claim 125 recites in part "a first processing resource in the form of a web 
server couple able to an open communications network and to a non-network connected 
communications channel^ said first processing resource being configured to transmit an 
instruction to a second processing resource in the form of a back end server disposed in a 
non-open network coupled data processing apparatus responsive to receiving a 
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communication via said communications channel and for said instruction satisfying a 
predetermined criterion". Amended independent claim 135 recites in part "a second 
processing resource in the form of a back end server that is configured to respond to an 
instruction received through a non-network connected communications channel from 
another processing resource in the form of a web server disposed in another data 
processing apparatus to execute only instructions satisfying a predetermined criterion." 
Claim 140 recites in part "establishing a communications relationship between said first 
and second processing resource through a non-network connected communications 
channel whereby said second processing resource is restricted to implementing an 
instruction communicated from said first processing resource which only performs a 
predetermined allowable operation". Claim 175 recites in part "A carrier medium 
comprising computer machine readable instructions, translatable for configuring a data 
processing apparatus or system to include or establish a communications relationship 
through a non-network connected communication channel between a first processing 
resource in the form of a web server coupleable to an open communications network and a 
second processing resource in the form of a back end server". Claim 180 recites in part 
"A carrier medium comprising computer or machine readable instructions for configuring 
a data processing apparatus or system comprising a first processing resource in the form of 
a web server coupleable to an open communications network and a second processing 
resource in the form of a back end server to establish a communications relationship 
between said first and second processing resources through a non-network connected 
communication channeF\ 

Consequently, Applicant respectfully submits that independent claims 1, 
125, 135, 140, 175, and 180 are patentable over Raanan. Because independent claims 1, 
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125, 135, 140, 175, and 1 80 are patentable, dependent claims 102-105, 111, 127, 133, 134, 
138, 139, 141-144, 151, 176, 177, and 181 are patentable for at least the reasons given 
with respect to their respective independent claims. 

Claims 108. 132, 137, 148 

Claim 108 recites "A data processing system according to claim 1, said 
instruction comprising a computer program procedure name." As is recited in claim 1, the 
"second processing resource is restricted to implementing an instruction communicated 
from said first processing resource which only performs a predetermined allowable 
operation". Applicant cannot find in Raanan disclosure of the subject matter in claim 108. 

The Examiner points to col. 5, lines 10-29 and col. 6, lines 1-6 of Raanan 
for purported disclosure of the subject matter in claim 108. Col. 5, lines 10-29 of Raanan 
recites the following: 

The server message is transmitted to the client, step 36. The 
client then transmits a request directed to the server, step 38. The client's, 
request may be a proper response to the server message or may be an 
attempt to cause the application to execute an unauthorized command. The 
filter module 14 intercepts the client request, reads it, and queries the 
protocol database, step 40. Depending upon the security and privacy 
desired, the query may need to identify the client, the server, the particular 
application and/or the particular session. 

The request is compared to the application protocol database 
to determine whether the request is allowable, step 42. If the request is 
allowable, the filter module 14 passes the request along to the server, step 
44. If the request does not match any of the actions in the application 
protocol in the protocol database 16 and is thus considered disallowable, 
the request is denied access to the server, step 46, and the client 12 and/or 
server 10 may be notified of the attempted unauthorized request. 

Raanan at col. 5, lines 10-29. Col. 6, lines 1-6 of Raanan states the following: 

The extraction module flither [sic] identifies any other 
actions available in the web document, step 76. These include, for example, 
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a "submit" command on an HTML form, a "search" command, or other 
application-level protocols. These additional actions within the web 
document are also extracted and stored in the protocol database, step 78. 

Raanan at col. 6, lines 1-6. While the cited sections of Raanan discuss requests and 
commands, there is no disclosure of an instruction comprising a computer program 
procedure name that is communicated from the first processing resource, as recited in 
claim 108. 

Therefore, claim 108 is patentable over Raanan. Claims 132, 137, and 148 
contain subject matter similar to the subject matter in claim 108 and are also patentable 
over Raanan. 

Claims 109 and 149 

Claim 109 recites "A data processing system according to claim 102, said 
second processing resource configured to provide a reply message to said first processing 
resource responsive to an instruction satisfying said predetermined criterion." Claim 102 
depends from claim 1 and recites in part "where said first processing resource is 
configured to transmit said instruction to said second processing resource for said 
instruction satisfying a predetermined criterion." 

It is noted that the Examiner equates the protocol extraction module 1 8 of 
Raanan with the "first processing resource" of the claims and the server 10 of Raanan with 
the "second processing resource" of the claims. The Examiner cites col. 4, lines 46-64 of 
Raanan as purportedly disclosing the subject matter of claim 109. This section of Raanan 
states the following: 

In accordance with the invention, the protocol extraction 
module 1 8 intercepts server messages and extracts application protocol data 
for addition to the protocol database 16. The operation of the extraction 
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module 1 8 in accordance with one embodiment is described with reference 
to FIG. 3. The server 10 transmits a message directed to the client, step 30, 
the message containing information relating to the application residing and 
running on the server 10 or a computer connected thereto. The message 
may be a response to a request previously received from the client. Using a 
copy of the server message or the message itself, the application protocol 
data is extracted from the server message, step 32. As described in more 
detail below, this extraction process may be performed in a number of 
ways, including through the use of known techniques to identify a low level 
or communication protocol, such as TCP/IP, stripping such protocol while 
retaining required data such as IP source data, and searching the remainder 
of the message for allowed commands or other authorized user actions. 

Raanan at col. 4, lines 46-64. There is no disclosure in this cited text of Raanan of a 
"second processing resource [i.e., the server 12 of Raanan according to the Examiner] 
configured to provide a reply message to said first processing resource [i.e., the protocol 
extraction module 18 or the filter module 14 of Raanan according to the Examiner] 
responsive to an instruction satisfying said predetermined criterion" as recited in claim 
109. 

Thus, there do not appear to be any reply messages in Raanan provided 
from the server 10 of Raanan to the filter module 14/protocol extraction module 18 of 
Raanan, where the reply message is responsive to an instruction satisfying predetermined 
criterion. By contraindication, in Raanan, messages are transmitted from the client 12 to 
the server 10 or from the server 10 to the client 12. There are potential messages from the 
filter module 14 to the client 12/server 10 in Raanan: 

If the request does not match any of the actions in the 
application protocol in the protocol database 1 6 and is thus considered 
disallowable, the request is denied access to the server, step 46, and the 
client 12 and/or server 10 may be notified of the attempted unauthorized 
request. 

Raanan at col. 5, lines 23-28. However, there is no disclosure in Raanan of a "second 
processing resource [i.e., the server 12 of Raanan according to the Examiner] configured 
to provide a reply message to said first processing resource [i.e., the protocol extraction 
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module 18 or the filter module 14 of Raanari according to the Examiner] responsive to an 
instruction satisfying said predetermined criterion" as recited in claim 109. 

Consequently, Applicant respectfully submits that claim 109 is patentable 
As claim 149 recites subject matter similar to claim 109, claim 149 is also 

Claim 158 

Claim 158 recites "A method according to claim 151, further comprising 
said first processing resource deriving sensitive information from a communication, and 
including said sensitive information in said message." Claim 151 depends from 
independent claim 140. Claim 151 recites in part "said first processing resource forming a 
message comprising said instruction and transmitting said message to said second 
processing resource." 

In independent claim 1 40, the first processing resource is in the form of a 
web server coupleable to an open communications network. Applicant describes 
"sensitive information" as the following: 

Sensitive information may comprise credit card details or 
personal details such as address of a customer, and may generally be 
understood to refer to any information which either a person submitting the 
information to the system or the operator of the system does not wish to be 
accessible or available to unauthorised persons. 

Page 8, lines 28-32 of Applicant's specification. 

Applicant has examined the cited portions of Raanan the Examiner asserts 
discloses the subject matter of claim 158, and Applicant respectfully disagrees. It is noted 
that the Examiner equates the "gateway/filter" of Raanan with a "first processing 



over Raanan. 
patentable. 
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resource" and the client 12 of Raanan with a "second processing resource" of Applicant's 
claims. In Raanan, it does not appear that the "gateway/filter" (i.e., filter module 14 or 
protocol extraction module 1 8) operates with "sensitive information" as Applicant 
described above, and even if the gateway/filter or Raanan could be construed as operating 
with "sensitive information" (which the Applicant submits is not true), the gateway/filter 
does not both derive sensitive information from a communication and include the sensitive 
information in a message from the gateway/filter to the server 10 (or client 12) in Raanan. 
For instance, the filter module 14 either passes a request from a client 12 to a server 10 
(step 44 of FIG. 3 of Raanan) or denies request access to the server 10 (step 46 of FIG. 3 
of Raanan). The protocol extraction module 1 8 in Raanan does perform processing on a 
message received from a server 10 (see col. 4, line 46 to col. 5, line 9 of Raanan), but the 
message is simply passed to the client 12. Raanan at col. 5, line 10. There is no disclosure 
in Raanan that the protocol extraction module 1 8 derives sensitive information from a 
communication and includes the sensitive information in a message from the protocol 
extraction module 18 to the server 10. 

For at least these reasons, claim 158 is patentable over Raanan. 

Claims 183 and 186 

Claim 1 83 recites "A data processing system according to claim 1 , wherein 
the system is configured to operate in a command mode for transmitting commands from 
the second processing resource to the first processing resource." Applicant cannot find 
any disclosure in Raanan of a command mode that allows commands to be transmitted 
from the second processing resource to the first processing resource. By contraindication, 
there does not appear to be any modes that allow commands to be transmitted from the 
server 10 to the filter module 14 or protocol extraction module 18. 
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Therefore, Applicant respectfully submits that claim 183 is patentable over 

Raanan. 

Issue B 

Claims 106,. 136, and 145 stand rejected as being obvious under 35 U.S.C. 
§ 103(a) Raanan in view of Piccioni. Claim 106 recites "A data processing system 
according to claim 103, said second processing resource being configured to transmit an 
instruction fail message to said first processing resource responsive to said second 
processing resource determining said instruction failing to satisfy said predetermined 
criterion." 

The Examiner appears to equate the "first processing resource" of the 
claims with a "gateway/filter" (i.e., filter module 14 or protocol extraction module 18) of 
Raanan and the "second processing resource" with the server 10 of Raanan. However, 
Applicant submits that there appears to be no reason for the server 10 to send a failure 
message from the server 10 to the protocol extraction module 18, as the server sends 
messages to the client 12 and the protocol extraction module 18 intercepts those messages. 
There further does not appear to be any reason for the server 10 in Raanan to send a failure 
message from the server 10 to the filter module 14, as in Raanan the filter module 14 
"intercepts" requests from the client 12 to the server 10. Raanan at col. 5, lines 11-17. If 
the request is allowable, the request is forwarded to the server 10. Raanan at col. 5, lines 
20-23. 

In Raanan, there appears to be no communication from the server 1 0 to the 
filter module 14 or protocol extraction module 18, nor is there any implication that there 
should be communication from the server 10 to the filter module 14 or protocol extraction 
module 18 in order to transmit an instruction fail message to said first processing resource 
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responsive to said second processing resource determining said instruction failing to 
satisfy said predetermined criterion as recited in claim 106. 

Because there is neither teaching nor implication in Raanan that there 
should be communication from the server 10 to the filter module 14 or protocol extraction 
module 1 8 in order to transmit an instruction fail message to a "first processing resource", 
the combination of Raanan and Piccioni is improper. For at least this reason, claim 106 is 
patentable. Because claim 106 is patentable, claims 136 and 145, which recite similar 
subject matter to the subject matter in claim 106, are also patentable. 

Issue C 

Claims 107, 146, and 147 stand rejected as being obvious under 35 U.S.C. 
§ 1 03(a) over Raanan in view of Tanaka. 

Claims 107 and 146 

Dependent claim 107 recites "A data processing system according to claim 
1, said second processing resource comprising a database of executable instructions 
defining predetermined allowable functionality of said second processing resource." 

The Examiner asserts that "Raanan discloses that the second processing 
resource determines which instructions are to be included in the database of allowable 
functionality (Column 4, lines 46-64), but does not disclose that the second processing 
resource determines this by using a database located at the second processing resource." 
Page 10, Office Action dated October 12, 2005. The cited portion of Raanan states the 
following: 

In accordance with the invention, the protocol extraction 
module 1 8 intercepts server messages and extracts application protocol data 
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, for addition to the protocol database 16. The operation of the extraction 
module 1 8 in accordance with one embodiment is described with reference 
to FIG. 3. The server 10 transmits a message directed to the client, step 30, 
the message containing information relating to the application residing and 
running on the server 10 or a computer connected thereto. The message 
may be a response to a request previously received from the client. Using a 
copy of the server message or the message itself, the application protocol 
data is extracted from the server message, step 32. As described in more 
detail below, this extraction process may be performed in a number of 
ways, including through the use of known techniques to identify a low level 
or communication protocol, such as TCP/IP, stripping such protocol while 
retaining required data such as IP source data, and searching the remainder 
of the message for allowed commands or other authorized user actions. 

Raanan at col. 4, lines 46-64. It appears that in the rejection of claim 107 the Examiner is 
equating the "second processing resource" of the claims with the "protocol extraction 
module 18" of Raanan, as the protocol extraction module 18 in Raanan is a device that 
"intercepts server messages and extracts application protocol data for addition to the 
protocol database 16" (see cited text of Raanan). However, in the rejection to claim 1, the 
Examiner equates the "second processing resource" of the claims with a server of Raanan 
and the "first processing resource" of the claims with the "gateway/filter" (i.e., a portion 
of which would include the protocol extraction module 1 8) of Raanan. See page 3, Office 
Action dated October 12, 2005. Thus, the rejection to claim 107 appears to reverse (with 
respect to the rejections of claim 1) which of the elements of Raanan are being equated 
with the terms "first processing resource" and "second processing resource" of the claims. 
For this reason alone, claim 107 is patentable over the cited references of Raanan and 
Tanaka. 

Nonetheless, Raanan specifically states that "[t]o prevent clients from 
performing disallowable actions, a gateway or filter mechanism may be interposed 
between the client and server to identify and eliminate disallowable requests." Raanan at 
col. 1, line 65 to col. 2, line 1 (emphasis added). The rest of Raanan is devoted primarily 
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to techniques for automatically updating the filter mechanism (e.g., filter module 14). 
Because Raanan provides a filter mechanism (e.g., filter module 14, which uses database 
1 6 as defined by the protocol extraction module 1 8) to remove unwanted requests to the 
server 10, it is submitted that server 10 would then not need to provide "a database of 
executable instructions defining predetermined allowable functionality of said second 
processing resource" as recited in dependent claim 1 07. This assertion is supported by 
Raanan, as there is no teaching or implication in Raanan that the server 10 should or could 
contain "a database of executable instructions defining predetermined allowable 
functionality of said second processing resource" as recited in dependent claim 107. 
Therefore, there is no motivation to combine Raanan and Tanaka and claim 107 is 
patentable over the cited references of Raanan and Tanaka. 

Because claim 107 is patentable, claim 146, which recites similar subject 
matter to the subject matter in claim 107, is also patentable. 

Claim 147 

Claim 147 recites "A method according to claim 146, further comprising 
said second processing resource comparing said instruction with said database of 
executable instructions for determining whether said instruction is an allowable 
instruction." Claim 146 recites "A method according to claim 140, said second processing 
resource comprising a database of executable instructions defining predetermined 
allowable functionality of said second processing resource", and claim 140 is an 
independent claim. As described above in reference to claim 107, the Examiner appears to 
be reversing between arguments for claim 1 and for claim 107 the equating of "first 
processing resource" and "second processing resource" with elements of Raanan. Further, 
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as also described above, there is no motivation to combine Raanan and Tanaka and 
therefore claim 147 is patentable over the cited references of Raanan and Tanaka. 

Issue D 

Claims 110, 112-119, 126, 128-131, 150, 152-157, and 159 stand rejected 
as being obvious under 35 U.S.C. § 103(a) over Raanan in view of Willmann. 

Claims 110. 112, 115, 130. 150. 152. and 155 

Claim 1 10 recites "A data processing system according to claim 1, said first 
processing resource comprising a storage medium configured to store said instruction in a 
queue prior to transmission to said second processing resource." The Examiner asserts* 
that Raanan does not disclose a storage medium, but that Willmann does disclose a storage 
medium configured to store instructions in a queue. 

Raanan simply states that "[t]he request is compared to the application 
protocol database to determine whether the request is allowable, step 42. If the request is 
allowable, the filter module 14 passes the request along to the server, step 44." Raanan at 
col. 5, lines 20-23. There is no teaching or implication in Raanan that a queue is used to 
store the request prior to transmission to the server 10. 

By contrast, Willmann states that "[t]he incoming data packets have been 
assigned to one of two priority classes and are allocated to one of two queues according to 
their priority class." Willmann, col. 3, lines 51-54. The Examiner asserts that Willmann 
can be combined with Raanan because this combination would enable priority of 
messages, but there is no indication in Raanan that priority of requests exists let alone that 
such prioritization would be beneficial. Therefore, there is no motivation for one skilled 
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in the art to combine Raanan and Willmann. For at least these reasons, claim 1 10 is 
patentable over the cited art of Raanan and Willmann. 

Claims 113, 116, 128. 153. 154. and 156 

Claim 113 recites "A data processing system according to claim 111, 
wherein said message includes an instruction type and said first processing resource 
configured to include in said message an action code indicative of the instruction type." 
The Examiner asserts that the "priority code" in packets in Willmann corresponds to an 
"action code indicative of the instruction type" as in claim 113. Applicant describes an 
"action code" for instance as follows: 

The marker field 92 is followed by an action code field 94 
which indicates the type of payload in the special request message packet 
90. For example, an action code "S" indicates that the special request 
message payload is a stored procedure on the backend server 48. A "C" 
indicates that the special request message payload is a credit or debit card 
verification request, whilst an "E" code indicates that the message payload 
comprises an e-mail message, 

Page 20, lines 9-14. Applicant does state that "[t]he action code may be assigned a 
priority and the first processing resource can be configured to store messages in 
accordance with the priority assigned to the action code for that message." Page 8, lines 
10-12 (emphasis added). These definitions from Applicant's specification indicate that the 
priority in Applicant's invention is different from the action code. 

As Willmann discloses a "priority" and not an "action code" and the 
Examiner admits that Raanan does not disclose "an action code indicative of the 
instruction type", the combination of Raanan and Willmann does not disclose the subject 
matter of claim 113, and claim 1 13 is patentable over the combination of Raanan and 
Willmann. 
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Claims 116, 128, 153, 154, and 156 are also directed to an action code of a 
message and therefore are patentable for at least the reasons give with respect to claim 
113. 

Claim 114, 129 

Claim 114 has subject matter similar to, the subject matter in both claims 
110 and 1 13 and therefore the arguments given above with respect to claims 110 and 113 
are equally applicable to claim 114. Claim 1 14 is therefore patentable over the cited 
references of Raanan and Willmann. 

Claims 117-119, 157, and 159 

Claim 117 recites "A data processing system according to claim 1 , said first 
processing resource configured to transmit said instruction or a message including said 
instruction responsive to receiving a communication comprising sensitive information and 
to discard said sensitive information from said first processing resource." 

Applicant describes "sensitive information" as the following: 

Sensitive information may comprise credit card details or 
personal details such as address of a customer, and may generally be 
understood to refer to any information which either a person submitting the 
information to the system or the operator of the system does not wish to be 
accessible or available to unauthorised persons. 

Page 8, lines 28-32 of Applicant's specification. There is no disclosure or implication in 
Raanan that the filter module 14 or protocol extraction module 18 in Raanan is responsive 
to receiving a communication comprising sensitive information. Applicant has shown 
above that there is no motivation to combine Raanan with Willmann. Regardless, the 
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Examiner points to col. 4, lines 37-44 of Willmann as disclosing discarding sensitive 
information, but what Willmann says is the following: 

When a data packet is read by the server from one of the 
logic queues QU I and QU2, the memory locations occupied by it are 
entered in the list of vacant memory locations. In this example it is also 
possible that the memory locations of a data packet are entered in the list of 
vacant memory locations by the memory management device MCONTR in : 
response to a signal from the write device WR. This data packet is thus 
deleted from the queue. 

Willmann at col. 4, lines 37-44. It can be seen from the recited text of Willmann that the 
data packet is "deleted" from the queue after the data packet has been read, and there is no 
indication that the device in Willmann is responsive to receiving a communication 
comprising sensitive information to discard the sensitive information from the device. 

Consequently, the Raanan and Willmann references do not disclose or 
imply "said first processing resource configured to transmit said instruction or a message 
including said instruction responsive to receiving a communication comprising sensitive 
information and to discard said sensitive information from said first processing resource" 
in claim 117. 

As claims 118, 119, 157, and 159 are directed to sensitive information in 
messages, these claims are also patentable for at least the reasons given above with respect 
to claim 117. 

Claim 131 

Claim 131 recites "data processing apparatus according to claim 127, said 
first processing resource being configured to transmit said instruction or message 
responsive to receiving a communication comprising sensitive information and to remove 
at least that part of said communication comprising said sensitive information from said 
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first processing resource;" The arguments given above with respect to claim 117 are 
equally applicable with respect to claim 131. 

Moreover, claim 13 1 recites "responsive to receiving a communication 
comprising sensitive information and to remove at least that part of said communication 
comprising said sensitive information from said first processing resource". By contrast, in 
Willmann, the entire packet is "deleted", and there is no disclosure or implication that the 
device in Willmann is responsive to receiving a communication comprising sensitive 
information to discard the sensitive information from the device and particularly of 
removing at least that part of a communication comprising the sensitive information from 
a processing resource. 

For at least these reasons, claim 131 is patentable over the references of 
Raanan and Willmann. 

Issue E 

Claims 160, 161, 184, and 185 stand rejected under 35 U.S.C. §103(a) over 
Raanan in view of Willmann and in further view of RFC79 1 . 

Claim 160 recites "A method according to claim 158, further comprising 
said first processing resource discarding said sensitive information within a predetermined 
time period." Claim 158 recites "A method according to claim 151, further comprising 
said first processing resource deriving sensitive information from a communication, and 
including said sensitive information in said message." 

As described above, Raanan (nor Willmann) does not disclose any 
derivation of sensitive information from a communication and including the sensitive 
information in a message. Moreover, Applicant has already shown that there is no 
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motivation to combine Raanan and Willmahn. Nonetheless, as described above, 
Willmann "deletes" packets from a queue after the packets have been read, but there is.no 
disclosure or teaching in Willmann that such packets include "sensitive information" or 
that the device in Willmann is responsive to receiving a communication comprising 
sensitive information to discard the sensitive information from the device. 

Furthermore, the RFC791 section cited by the Examiner is a "time to live" 
parameter that is set by the sender to set the maximum time a datagram is allowed to be in 
the Internet system. The RFC791 section appears to be inapplicable to a processing 
resource that discards sensitive information (such as credit card data), derived from a 
communication, from the processing resource within a predetermined time period. 

For at least these reasons, dependent claim 160 is patentable over the cited 
references of Raanan, Willmann, and RFC791. Claims 161, 184, and 185 are also 
patentable for at least the reasons given with respect to dependent claim 160. 

Issue F 

Claims 178 and 182 stand rejected as being obvious under 35 U.S.C. 
§103 (a) over Raanan in view of OSTA. Claims 178 and 182 are patentable for at least the 
reasons given with respect to their respective independent claims, 175 and 180. 

Conclusion 

For at least the above reasons, the Applicant/ Appellant contends that claims 
1, 102-1 19, 125-161, 175-178, and 180-186 are patentable over the respective cited art. 
The Applicant/ Appellant respectfully requests the Board reverse the final rejection in the 
Office Action of October 12, 2005 and the Advisory Action of January 31, 2006, and 
further that the Board rule that the pending claims are patentable over the cited art. 
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(8) CLAIMS APPENDIX 

1 . A data processing system, comprising: 

a first processing resource in the form of a web server coupleable to an 
open communications network; and 

a second processing resource in the form of a back end server coupleable to 
said first processing resource; 

said first processing resource and said second processing resource being 
configured to establish a communications relationship between them through a non- : 
network connected communications channel, whereby said second processing resource is 
restricted to implementing an instruction communicated from said first processing 
resource which only performs a predetermined allowable operation, thereby inhibiting 
compromise of said second processing resource. 

2-101. Canceled 

102. A data processing system as in claim 1, where said first processing resource is 
configured to transmit said instruction to said second processing resource for said 
instruction satisfying a predetermined criterion. 

103. A data processing system as in claim 1, where said first processing resource is 
configured to transmit said instruction to said second processing resource and where said 
second processing resource is configured to execute said instruction for said instruction 
satisfying a predetermined criterion. 
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104. A data processing system according to claim 103, said predetermined criterion 
comprising said instruction being included in a predefined set of allowable instructions for 
said second processing resource. 

105. A data processing system according to claim 102, said predetermined criterion 
comprising said instruction being identified as an allowable instruction for said second 
processing resource. 

106. A data processing system according to claim 103, said second processing resource 
being configured to transmit an instruction fail message to said first processing resource, 
responsive to said second processing resource determining said instruction failing to 
satisfy said predetermined criterion. 

107. A data processing system according to claim 1, said second processing resource 
comprising a database of executable instructions defining predetermined allowable 
functionality of said second processing resource. 

108. A data processing system according to. claim 1, said instruction comprising a 
computer program procedure name. 

109. A data processing system according to claim 102, said second processing resource 
configured to provide a reply message to said first processing resource responsive to an 
instruction satisfying said predetermined criterion. 

1 10. A data processing system according to claim 1, said first processing resource 
comprising a storage medium configured to store said instruction in a queue prior to : 
transmission to said second processing resource. 
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111. A data processing system according to claim 1, said instruction being comprised in a 
message for transmission to said second processing resource. 

112. A data processing system according to claim 111, said first processing resource 
comprising a storage medium configured to store said message in a queue prior to 
transmission to said second processing resource. 

113. A data processing system according to claim 111, wherein said message includes an 
instruction type and said first processing resource configured to include in said message an 
action code indicative of the instruction type. 

114. A data processing system according to claim 111, said first processing resource 
comprising a storage medium configured to store said message prior to transmission to. 
said second processing resource, said message including an instruction type, said first 
processing resource being further configured to include in said message an action code 
indicative of the instruction type, and said first processing resource configured to store 
said message in accordance with a priority assigned to said action code. 

115. A data processing system according to claim 111, said first processing resource 
comprising a storage medium configured to store said message prior to transmission to 
said second processing resource, said first processing resource configured to store 
messages in accordance with their chronological order. 

116. A data processing system according to claim 1 14, said first processing resource 
being configured to select a stored message for transmission to said second processing 
resource in accordance with a priority determined by said action code of said message. 

1 17. A data processing system according to claim 1, said first processing resource 
configured to transmit said instruction or a message including said instruction responsive 
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to receiving a communication comprising sensitive information and to discard said 
sensitive information from said first processing resource. 

1 18. A data processing system according to claim 117, said message representing 
sensitive information derived from said communication. 

119. A data processing system according to claim 117, wherein said sensitive information 
is discarded in response to transmission of said message comprising sensitive information 
to said second processing resource. 

120-124. (Canceled) 

125. A data processing apparatus, comprising: 

a first processing resource in the form of a web server coupleable to an 
open communications network and to a non-network connected communications channel; 
said first processing resource being configured to transmit an instruction to a second 
processing resource in the form of a back end server disposed in a non-open network 
coupled data processing apparatus responsive to receiving a communication via said 
communications channel and for said instruction satisfying a predetermined criterion. 

126. A data processing apparatus according to claim 125, further comprising a storage 
medium to store said instruction in a queue prior to transmission to said second processing 
resource. 

127. A data processing apparatus according to claim 125, wherein said first processing 
resource is configured to form a message including said instruction for transmission to 
said second processing resource. 
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128. A data processing apparatus according to claim 127, wherein said message includes 
an instruction type and wherein said first processing resource is configured to include in 
said message an action code indicative of an instruction type. 

129. A data processing apparatus according to claim l28 5 wherein said first processing 
resource is configured to store messages in accordance with a priority assigned to said 
action code.. 

130. A data processing apparatus according to claim 127, wherein said first processing 
resource is configured to store messages in accordance with their chronological order. 

131. A data processing apparatus according to claim 127, said first processing resource 
being configured to transmit said instruction or message responsive to receiving a 
communication comprising sensitive information and to remove at least that part of said 
communication comprising said sensitive information from said first processing resource. 

132. A data processing apparatus according claim 125, said instruction comprising a 
computer program procedure name. 

133. A data processing apparatus according to claim 132, said predetermined criterion 
comprising said instruction or said computer program procedure being included in a 
predefined set of allowable instructions or computer program procedures for said second 
processing resource. 

134. A data processing apparatus according to claim 132, said predetermined criterion 
comprising said instruction or said computer program procedure being identified as an 
allowable instruction or computer program procedure for said second processing resource. 
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135. A data processing apparatus, comprising: 

a second processing resource in the form of a back end server that is 
configured to respond to an instruction received through a non-network connected 
communications channel from another processing resource in the form of a web server 
disposed in another data processing apparatus to execute only instructions satisfying a . 
predetermined criterion. 

136. A data processing apparatus according to claim 135, further comprising a database of 
executable instructions defining predetermined allowable functionality of said data 
processing apparatus. 

137. A data processing apparatus according to claim 135, said instruction comprising a 
computer program procedure name. 

138. A data processing apparatus according to claim 137, said predetermined criterion 
comprising said instruction or said computer program procedure being included in a 
predefined set of allowable instructions or computer program procedures for said second 
processing resource. 

139. A data processing apparatus according to claim 137, said predetermined criterion 
comprising said instruction or computer program procedure being identified as an 
allowable instruction or computer program procedure for said second processing resource. . 

140. A method for operating a processing system including a first processing resource in 
the form of a web server coupleable to an open communications network and a second 
processing resource in the form of a back end server, the method comprising: 

establishing a communications relationship between said first and second 
processing resource through a non-network connected communications channel whereby 
said second processing resource is restricted to implementing an instruction communicated 
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from said first processing resource which only performs a predetermined allowable 
operation^ thereby inhibiting compromise of said second processing resource. 

141. A method according to claim 140, said first processing resource transmitting said 
instruction to said second processing resource for said instruction satisfying a 
predetermined criterion. 

142. A method according to claim 140, said first processing resource transmitting said 
instruction to said second processing resource, and said second processing resource 
executing said instruction only if said instruction satisfies a predetermined criterion. 

143. A method according to claim 142, said predetermined criterion comprising said 
instruction being included in a predetermined set of allowable instructions for said second 
processing resource. 

144. A method according to claim 141, said predetermined criterion comprising said 
instruction being identified as an allowable instruction by said second processing resource. 

145. A method according to claim 142, further comprising said second processing 
resource transmitting an instruction fail message to said first processing resource 
responsive to said second processing resource determining said instruction failing to 
satisfy said predetermined criterion. 

146. A method according to claim 140, said second processing resource comprising a 
database of executable instructions defining predetermined allowable functionality of said 
second processing resource. 
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147. A method according to claim 146, further comprising said second processing 
resource comparing said instruction with said database of executable instructions for 
determining whether said instruction is an allowable instruction. 

148. A method according to claim 140, said instruction comprising, a computer program 
procedure name. 

149. A method according to claim 141, further comprising said second processing 
resource providing a reply message to said first processing resource responsive to said 
second processing resource determining that an instruction satisfies said predetermined 
criterion. 

150. A method according to claim 140, further comprising said first processing resource 
storing said instruction in a queue prior to transmitting said instruction to said second 
processing resource. 

151. A method according to claim 140, said first processing resource forming a message 
comprising said instruction and transmitting said message to said second processing 
resource. 

152. A method according to claim 151, further comprising said first processing resource 
storing said message in a queue prior to transmitting said message to said processing 
resource. 

153. A method according to claim 151, further comprising said first processing resource 
forming said message to include an action code indicative of an instruction type included 
in said message. 
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1 54. A method according to claim 1 53 5 further comprising said first processing resource 
storing said message in accordance with a priority assigned to said action code. 

155. A method according to claim 151, further comprising said first processing resource 
storing said message in accordance with a chronological order. 

156. A method according to claim 153, further comprising said first processing resource 
transmitting a message to said second processing resource in accordance with a priority 
determined by said action code of said message. 

157. A method according to claim 151, further comprising said first processing resource 
transmitting said instruction or message in response to receiving a communication 
comprising sensitive information and discarding said sensitive information from said first 
processing resource. 

158. A method iaccording to claim 151, further comprising said first processing resource 
deriving sensitive information from a communication, and including said sensitive 
information in said message. 

159. A method according to claim 158, further comprising said first processing resource 
discarding said sensitive information in response to a transmission of said message 
comprising said sensitive information to said second processing resource. 

160. A method according to claim 158, further comprising said first processing resource 
discarding said sensitive information within a predetermined time period. 

161. A method according to claim 160, wherein said time period is one of the following: 
(1) less than 2 minutes from receipt of said communication, (2) less than 1 minute from 
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receipt of said communication or (3) the shortest time possible from receipt of said 
communication. 

162-174. (Canceled) 

175. A carrier medium comprising computer machine readable instructions, translatable 
for configuring a data processing apparatus or system to include or establish a 
communications relationship through a non-network connected communication channel 
between a first processing resource in the form of a web server coupleable to an open 
communications network and a second processing resource in the form of a back end 
server whereby said second processing resource is restricted to implementing an 
instruction communicated from said first processing resource which only performs a 
predetermined allowable operation, thereby inhibiting compromise of said second 
processing resource. 

176. A carrier medium according to claim 175, further translatable for configuring said . 
data processing apparatus or system to transmit said instruction from said first processing 
resource to said second processing resource for said instruction satisfying a predetermined 
criterion. 

177. A carrier medium according to claim 175, further translatable for configuring said 
data processing apparatus or system to transmit said instruction from said first processing 
resource to said second processing resource, and said second processing resource 
executing said instruction only if said instruction satisfies a predetermined criterion. 

178. A carrier medium according to claim 175, where said carrier medium comprises at 
least one of the following: 

a solid-state memory; 

a magnetic tape memory medium; 
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. / a magnetic disc; and 

an optical storage medium. 

179. (Cancelled) 

1 80. A carrier medium comprising computer or machine readable instructions for 
configuring a data processing apparatus or system comprising a first processing resource 
in the form of a web server coupleable to an open communications network and a second 
processing resource in the form of a back end server to establish a communications 
relationship between said first and second processing resources through a non-network 
connected communication channel; and 

to transmit an instruction from said first processing resource to said 
processing resource for said instruction satisfying a predetermined criterion, whereby said 
second processing resource is restricted to implementing an instruction, communicated ; 
from said first processing resource which only performs a predetermined allowable 
operation, thereby inhibiting compromise of said second processing resource. 

181. A carrier medium as in claim 180, said second processing resource executing said 
instruction only if said instruction satisfies said predetermined criterion. 

1 82. A carrier medium in accordance with claim 1 80, said carrier medium comprising at 
least one of the following: 

a solid-state memory; 

a magnetic tape memory medium; 

a magnetic disc; and 

an optical storage medium. 
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1 83 . A data processing system according to claim 1 , wherein the system is configured to 
operate in a command mode for transmitting commands from the second processing 
resource to the first processing resource. 

184. A data processing system according to claim 117, said first processing resource 
being configured to discard said sensitive information within a predetermined time period. 

1 85. A data processing system according to claim 1 84, wherein said time period is one 
of the following: (1) less than two minutes from receipt of said communication or (2) the 
shortest possible time from receipt of said communication. 

186. A method according to claim 140, further comprising operating the processing 
system in a command mode for transmitting commands from the second processing 
resource to the first processing resource. 

END OF CLAIMS 



41 



Appl. No. 09/930,612 

Appeal Brief dated April 7, 2006 

Corresponding to Notice of Appeal filed February 10, 2006 . : : ' ; 

(9) EVIDENCE APPENDIX 

There is no evidence submitted pursuant to 37 C.F.R. §§1.130, 1.131, or 
1.132 or entered by the Examiner and relied upon by Appellant. 

(10) RELATED PROCEEDING APPENDIX 

There are no known decisions rendered by a court or the Board in any 
proceeding identified pursuant to paragraph (c)(l)(ii) of 37 C.F.R. §41.37. 
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